Three Tips for Embracing Zero Trust

By Adam Burnham | April 6, 2020

If you read the 2020 technology predictions from Markley, you may have seen the one related to Zero Trust. In the year ahead, we predict that Zero Trust will pervade the internal network – meaning, data privacy and security concerns will impel the hardening of internal infrastructure, for example, to include data encryption both in-flight and at-rest. Further, hybrid architectures will force IT organizations to re-evaluate their concept of the 'internal network' and consider Internet-independent private network alternatives.

But what does that really mean? Zero Trust, an idea introduced by Forrester Research, is starting to make waves in IT departments at organizations across a wide range of industries – and is fundamentally changing the way organizations approach security. Traditionally, many organizations would trust entities once authorized to be within the confines of the network perimeter. But with the rise in cyberattacks and the adoption of cloud-based strategies – cloud platforms, software-as-a-service, web-based consumer services, Internet of Things initiatives, and more – the internal network and information stores are not as secure as they used to be.

With Zero Trust, organizations verify every person, device or entity that operates anywhere on the network, every time.

Today, 60% of organizations say they’re working toward or planning to introduce Zero Trust security practices. Further, while 75% of organizations run some applications in the cloud, many intend to keep at least a third of their applications running within their own data centers.

So how can your organization best adopt the Zero Trust strategy? Here are three tips:

Take Inventory of Your Data – In order to protect the data on your network, you have to know what exists, where. With organizations’ operations extending across multiple cloud providers and on-premise or private data centers, the internal and external network is no longer black and white. By determining which data is business-critical and what isn’t – regardless of where it exists – it’s easier to implement Zero Trust strategies to those assets that are most at risk and prioritized to be secured first.

Conduct Testing – You can’t protect what you don’t know about, or if you’re operating with a network that’s akin to a leaky bucket. By rigorously and continuously testing your environments for security holes, organizations can more effectively implement Zero Trust strategies that aren’t compromised by vulnerabilities, unpatched software or other avoidable security issues.

Pick the Right Partners – With so many corporate assets existing “outside” of traditional organizational walls, such as with cloud and software-as-a-service providers, it’s important to select partners that not only supports your Zero Trust goals, but has a solid track record of embracing security best practices across their own operations. Your security is only as good as the security of your partners – especially those who provide services or help manage your infrastructure.

Have you considered adopting Zero Trust strategies? If so, reach out to Markley’s team of experts to learn how our services – from colocation, network services, cloud, and Disaster Recovery as a Service – are tailored to your data access and security needs. Not only does Markley meet all of the industry’s key compliance requirements and certifications, such as PCI and ISO 27001, we work as a true extension of your team and ensure our services fit exactly what you’re looking for. Send us a note at info@markleygroup.com.